Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Hacktool.rootkit

NYCityGal

Posted 11 June 2008 - 12:15 PM

NYCityGal

New Member

Member

4 posts

Hi,

I have a ThinkPad and I'm using XP with service pack 2. I have Symantec AntiVirus and I've run that a few times since the problem occurred. Last night, the computer stopped letting me access the internet and became very slow. At one point I got a Symantec threat warning that there was a "hacktool.rootkit" invasion and that it was deleted. The computer continued to act oddly though and I got a couple more of those messages. I ran a Symantec scan later in the night that came up clean, but shortly after doing so, I got anoter message about a hacktool.rootkit threat. I got one this morning too. Upon another scan, Symantec found and quarantined Downloader.Swif.C, and then I deleted it. I haven't gotten those messages in the past few hours, but there are things in my local settings/temp folder that are new from within a few hours of when all this happened - and they can't be deleted because they are apparently "being used." When I got the original error message about hacktool.rootkit they also gave me another folder (maybe program files) where there was a problem, but now I can't find it and I'm not sure I remember.

My Symantic threat history says the threats were dat1b91.tmp, dat1.tmp, dat7.tmp, another dat7.tmp, and 4561[1].swf. The last one was located in Documens and settings\shls\local settings\temporary internet files\content.ie5\EAT6YHUD. I've downloaded hijack this and I've followed the instructions for running I found on your site. I'm copying the results below. I know that you all must be extremely busy with people asking for this, but I would be so grateful if you could please help me as soon as possible. I need to download exam software and certify this computer for use on a very important exam I'm taking - it needs to be certified within a few days or else they will have me hand write, which will put me at a huge disadvantage (I don't hand write very quickly!). If my computer is too bad to use for the exam, I'll need to know right away (please give me your advice, if possible) so I can purchase or borrow another immediately. I can't certify this one and then later decide to take it on another.

Also, is it necessary to just reformat everything? I don't have a great way to store all my stuff (I keep my documents on a thumb drive but larger things will be harder to save I guess) but if I have to, I guess I have to.

Thank you SO much in advance for your help. I'm really desperate and panicked.